7.12 tasks

10.11 Linux networking

ifconfig shows a NIC's IP address; it requires the net-tools package.

The ip addr command can be used instead.

-a     display all interfaces which are currently available, even if down

To bring a NIC down or up, use the ifdown and ifup commands, each followed by the NIC name.

For example, when we want to change only one NIC, without restarting all NICs, and bring up just that one, these two commands are what we use.

But if I am connected to a remote host through a tool such as Xshell, then after editing the configuration file the NIC can be restarted with the following command; chaining ifdown and ifup in one command line lets the NIC come back up even though the session itself is interrupted when the NIC goes down.

[root@localhost: ~]# ifdown ens33 && ifconfig && ifup ens33
Device 'ens33' successfully disconnected.
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 00:0c:29:1c:de:be  txqueuelen 1000  (Ethernet)
        RX packets 19061  bytes 18148597 (17.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13666  bytes 3060590 (2.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 72  bytes 6264 (6.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 72  bytes 6264 (6.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

In the ifconfig output in between, ens33 no longer has an IP address.

Set up a virtual NIC (an alias interface) and give it its own IP.

[root@localhost: ~]# cd /etc/sysconfig/network-scripts/
[root@localhost: network-scripts]# ls
ifcfg-ens33  ifdown-eth   ifdown-post    ifdown-Team      ifup-aliases  ifup-ipv6   ifup-post    ifup-Team      init.ipv6-global
ifcfg-lo     ifdown-ippp  ifdown-ppp     ifdown-TeamPort  ifup-bnep     ifup-isdn   ifup-ppp     ifup-TeamPort  network-functions
ifdown       ifdown-ipv6  ifdown-routes  ifdown-tunnel    ifup-eth      ifup-plip   ifup-routes  ifup-tunnel    network-functions-ipv6
ifdown-bnep  ifdown-isdn  ifdown-sit     ifup             ifup-ippp     ifup-plusb  ifup-sit     ifup-wireless
[root@localhost: network-scripts]# cp ifcfg-ens33{,\:0} 
[root@localhost: network-scripts]# ls
ifcfg-ens33    ifdown-bnep  ifdown-isdn    ifdown-sit       ifup          ifup-ippp  ifup-plusb   ifup-sit       ifup-wireless
ifcfg-ens33:0  ifdown-eth   ifdown-post    ifdown-Team      ifup-aliases  ifup-ipv6  ifup-post    ifup-Team      init.ipv6-global
ifcfg-lo       ifdown-ippp  ifdown-ppp     ifdown-TeamPort  ifup-bnep     ifup-isdn  ifup-ppp     ifup-TeamPort  network-functions
ifdown         ifdown-ipv6  ifdown-routes  ifdown-tunnel    ifup-eth      ifup-plip  ifup-routes  ifup-tunnel    network-functions-ipv6
[root@localhost: network-scripts]# vim ifcfg-ens33\:0    # changed NAME, DEVICE and IPADDR
[root@localhost: network-scripts]# !vim
vim ifcfg-ens33\:0  
[root@localhost: network-scripts]# ifdown ens33 && ifup ens33
Device 'ens33' successfully disconnected.
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
[root@localhost: network-scripts]# ifconfig 
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.16.100  netmask 255.255.255.0  broadcast 192.168.16.255
        inet6 fe80::4f75:15d9:faa2:c641  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:1c:de:be  txqueuelen 1000  (Ethernet)
        RX packets 19633  bytes 18198795 (17.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 14085  bytes 3132446 (2.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.16.150  netmask 255.255.255.0  broadcast 192.168.16.255
        ether 00:0c:29:1c:de:be  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 88  bytes 7656 (7.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 88  bytes 7656 (7.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Now 192.168.16.150 can be pinged as well.

The following commands show whether a NIC's link is OK, i.e. whether a network cable is connected.
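The alias procedure above, as an added example that is not part of the original post: a Python helper that derives ifcfg-ens33:0 from ifcfg-ens33 the way the page does by hand (changing only NAME, DEVICE and IPADDR) and refuses an alias address that is not a distinct host address in the parent's subnet. The base file contents are constructed for the example and the function names are my own.

```python
import ipaddress

# Constructed ifcfg-ens33 in the page's style (a real file carries more keys, e.g. UUID).
BASE_IFCFG = """\
TYPE="Ethernet"
BOOTPROTO="static"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="192.168.16.100"
NETMASK="255.255.255.0"
GATEWAY="192.168.16.1"
DNS1="8.8.8.8"
"""

def parse_ifcfg(text):
    """KEY=value lines (value optionally double-quoted) -> dict; comments ignored."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            cfg[key.strip()] = value.strip().strip('"')
    return cfg

def alias_config(base_text, index, ip):
    """Build ifcfg-<DEVICE>:<index> from the parent's ifcfg text.

    Mirrors the page's manual edit: copy the file and change only NAME,
    DEVICE and IPADDR, so the alias inherits NETMASK/PREFIX, GATEWAY and
    DNS. The alias address must be a distinct host address in the parent's
    subnet (the page uses 192.168.16.150 next to 192.168.16.100/24).
    """
    base = parse_ifcfg(base_text)
    mask = base.get("PREFIX") or base["NETMASK"]      # either form is accepted
    net = ipaddress.ip_network(f"{base['IPADDR']}/{mask}", strict=False)
    new_ip = ipaddress.ip_address(ip)
    if new_ip not in net or new_ip in (net.network_address, net.broadcast_address):
        raise ValueError(f"{ip} is not a host address in {net}")
    if new_ip == ipaddress.ip_address(base["IPADDR"]):
        raise ValueError("alias must not reuse the parent's IPADDR")
    alias = f"{base['DEVICE']}:{index}"
    changed = {"NAME": alias, "DEVICE": alias, "IPADDR": ip}
    out = []
    for line in base_text.splitlines():
        key = line.split("=", 1)[0].strip()
        # keys being changed are rewritten quoted, everything else is kept verbatim
        out.append(f'{key}="{changed[key]}"' if key in changed else line)
    return "\n".join(out) + "\n"
```

Write the returned text to /etc/sysconfig/network-scripts/ifcfg-ens33:0 and then run the page's ifdown ens33 && ifup ens33 to activate it.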

[root@localhost: network-scripts]# mii-tool ens33
ens33: negotiated 1000baseT-FD flow-control, link ok
[root@localhost: network-scripts]# ethtool ens33
Settings for ens33:
	Supported ports: [ TP ]
	Supported link modes:   10baseT/Half 10baseT/Full 
	                        100baseT/Half 100baseT/Full 
	                        1000baseT/Full 
	Supported pause frame use: No
	Supports auto-negotiation: Yes
	Advertised link modes:  10baseT/Half 10baseT/Full 
	                        100baseT/Half 100baseT/Full 
	                        1000baseT/Full 
	Advertised pause frame use: No
	Advertised auto-negotiation: Yes
	Speed: 1000Mb/s
	Duplex: Full
	Port: Twisted Pair
	PHYAD: 0
	Transceiver: internal
	Auto-negotiation: on
	MDI-X: off (auto)
	Supports Wake-on: d
	Wake-on: d
	Current message level: 0x00000007 (7)
			       drv probe link
	Link detected: yes

Changing the hostname:

[root@localhost: ~]# 
[root@localhost: ~]# hostnamectl set-hostname lhy
[root@localhost: ~]# hostname
lhy
[root@localhost: ~]# bash
[root@lhy: ~]# cat /etc/hostname 
lhy
[root@lhy: ~]# echo "localhost" > /etc/hostname 
[root@lhy: ~]# bash
[root@lhy: ~]# hostname
lhy
[root@lhy: ~]# cat /etc/hostname 
localhost

The DNS configuration file is /etc/resolv.conf; its contents are generated from the DNS entries defined in the NIC configuration file.

[root@localhost: ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 8.8.8.8
[root@localhost: ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33 | grep 'DNS'
DNS1="8.8.8.8"

The /etc/hosts file exists on both Linux and Windows and is essentially a simple DNS: one IP can be mapped to several hostnames (space separated), and it takes effect only on the local machine. If the same hostname appears several times with different IPs, the last entry takes effect.

[root@localhost: ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

10.12 firewalld and netfilter

SELinux (treated here as a Linux firewall)

It can be switched off temporarily with setenforce 0, which puts it into permissive mode.

[root@localhost: ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

Today we introduce the other kind of firewall: netfilter and firewalld, the firewalls of CentOS 6 and CentOS 7 respectively.

SELinux is usually left disabled.

How to disable firewalld:

[root@localhost: ~]# systemctl disable firewalld 
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost: ~]# systemctl stop firewalld.service

To enable netfilter, first install iptables-services:

[root@localhost: ~]# yum install iptables-services.x86_64
.............
[root@localhost: ~]# systemctl enable iptables
Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.
[root@localhost: ~]# systemctl start iptables.service

Take a quick look at the result:

[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   26  1716 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 14 packets, 1448 bytes)
 pkts bytes target     prot opt in     out     source               destination 

With that, the CentOS 6 style firewall is enabled.

firewalld will be introduced later.

10.13 netfilter's 5 tables and 5 chains

filter:
    This is the default table (if no -t option is passed). It contains the built-in chains INPUT (for packets destined to local sockets), FORWARD (for packets being routed through the box), and OUTPUT (for locally-generated packets).

nat:
    This table is consulted when a packet that creates a new connection is encountered. It consists of three built-ins: PREROUTING (for altering packets as soon as they come in), OUTPUT (for altering locally-generated packets before routing), and POSTROUTING (for altering packets as they are about to go out). IPv6 NAT support is available since kernel 3.7.

mangle:
    This table is used for specialized packet alteration. Until kernel 2.4.17 it had two built-in chains: PREROUTING (for altering incoming packets before routing) and OUTPUT (for altering locally-generated packets before routing). Since kernel 2.4.18, three other built-in chains are also supported: INPUT (for packets coming into the box itself), FORWARD (for altering packets being routed through the box), and POSTROUTING (for altering packets as they are about to go out).

raw:
    This table is used mainly for configuring exemptions from connection tracking in combination with the NOTRACK target. It registers at the netfilter hooks with higher priority and is thus called before ip_conntrack, or any other IP tables. It provides the following built-in chains: PREROUTING (for packets arriving via any network interface) OUTPUT (for packets generated by local processes)

security:
    This table is used for Mandatory Access Control (MAC) networking rules, such as those enabled by the SECMARK and CONNSECMARK targets. Mandatory Access Control is implemented by Linux Security Modules such as SELinux. The security table is called after the filter table, allowing any Discretionary Access Control (DAC) rules in the filter table to take effect before MAC rules. This table provides the following built-in chains: INPUT (for packets coming into the box itself), OUTPUT (for altering locally-generated packets before routing), and FORWARD (for altering packets being routed through the box).

The filter table can restrict inbound and outbound traffic and also handle forwarded packets, among many other functions.

A router can be implemented with the nat table. Machine A's NIC a is connected to the public network; machine B's NIC b1 is also on the public network, but B has a second NIC b2 connected to a private network; machine C's NIC c is on that same private network. A and C therefore cannot talk to each other directly: only a and b1 can communicate, and only b2 and c. Adding a nat iptables rule on machine B that does a port mapping from B's port1 to C's port2 then lets them communicate.

Of these five tables we only cover the first two.

The filter table is the most commonly used table for filtering packets; it has three chains: INPUT, FORWARD and OUTPUT.

The nat table has three chains: PREROUTING, OUTPUT and POSTROUTING.

Packet flow

10.14 iptables syntax

[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   26  1716 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 14 packets, 1448 bytes)
 pkts bytes target     prot opt in     out     source               destination 

These are the default iptables rules; they are saved in /etc/sysconfig/iptables.

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

-F flushes all rules, but the change is not saved: the rules file on disk is untouched.

[root@localhost: ~]# iptables -F
[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 26 packets, 1716 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 14 packets, 1400 bytes)
 pkts bytes target     prot opt in     out     source               destination

To save the current rules to that file, use:

[root@localhost: ~]# service iptables save

By default we operate on the filter table; the -t option selects another table.

[root@localhost: ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

The -Z option zeroes the packet and byte counters.

[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 24 packets, 1584 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 15 packets, 1884 bytes)
 pkts bytes target     prot opt in     out     source               destination         
[root@localhost: ~]# iptables -Z
[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 6 packets, 428 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 4 packets, 480 bytes)
 pkts bytes target     prot opt in     out     source               destination

The command

[root@localhost: ~]# iptables -t filter -A INPUT  -s 192.168.16.1 -p tcp --sport 1234 -d 192.168.16.100 --dport 80 -j DROP

drops every TCP packet from 192.168.16.1 with source port 1234 destined for host 192.168.16.100 port 80.

[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  277 18344 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
    0     0 DROP       tcp  --  *      *       192.168.16.1         192.168.16.100       tcp spt:1234 dpt:80

The newly added rule was placed at the end of the chain.

-I inserts a rule (at the top of the chain by default), whereas -A appends it to the end.

[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
  553 43744 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
    0     0 DROP       tcp  --  *      *       192.168.16.1         192.168.16.100       tcp spt:1234 dpt:80

When matching, the first rule whose conditions the packet satisfies is applied and no later rule is consulted.

-D deletes a rule.

[root@localhost: ~]# iptables -t filter -D INPUT  -p tcp --dport 80 -j DROP
[root@localhost: ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  614 49012 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
    0     0 DROP       tcp  --  *      *       192.168.16.1         192.168.16.100       tcp spt:1234 dpt:80

A rule can also be deleted by its number:

[root@localhost: ~]# iptables -nvL --line-number
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
2      696 54488 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
4        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
5        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
6        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
7        0     0 DROP       tcp  --  *      *       192.168.16.1         192.168.16.100       tcp spt:1234 dpt:80

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 36 packets, 4848 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
[root@localhost: ~]# iptables -nvL -D INPUT 7
iptables v1.4.21: Cannot use -D with -L

Try `iptables -h' or 'iptables --help' for more information.
[root@localhost: ~]# iptables  -D INPUT 7
[root@localhost: ~]# iptables -nvL --line-number
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
2      798 62292 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           
4        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
5        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
6        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 5 packets, 668 bytes)
num   pkts bytes target     prot opt in     out     source               destination   

-P sets a chain's default policy, i.e. packets that match none of the chain's rules are handled by the policy.

The default policy is ACCEPT.

[root@localhost: ~]# iptables -P OUTPUT DROP

## When experimenting on a test machine, changing the default policy to DROP like this will cut off your Xshell connection.
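As an added example (not from the original post), the following Python model of one filter chain reproduces the behaviour shown throughout this section: it loads the page's /etc/sysconfig/iptables rules, applies -A/-I/-D/-P commands in iptables syntax, and evaluates a packet with first-match semantics. The function names and the packet dictionary layout are the example's own, and only -p/-s/-d/-i/--sport/--dport/--state/-j are modelled.

```python
import shlex
# Constructed copy of the page's default /etc/sysconfig/iptables (INPUT and OUTPUT chains).
DEFAULT_RULES = """\
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""
# iptables option -> packet field it tests ("-j" names the target instead).
OPTS = {"-p": "proto", "-s": "src", "-d": "dst", "-i": "iface", "--sport": "sport",
        "--dport": "dport", "--state": "state", "-j": "target"}

def parse_rule(tokens):  # options after '-A CHAIN' -> {field: value, "target": ...}
    rule, it = {}, iter(tokens)
    for tok in it:
        if tok in ("-m", "--reject-with"):  # extension name / reject type: no condition
            next(it)
        else:
            rule[OPTS[tok]] = next(it)      # KeyError for an option not modelled here
    return rule

def apply_command(chains, argv):  # one -A/-I/-D/-P command in iptables CLI syntax
    op, chain, rest = argv[0], chains[argv[1]], argv[2:]
    if op == "-P":                          # policy for packets that match no rule
        chain["policy"] = rest[0]
    elif op == "-A":                        # append at the end of the chain
        chain["rules"].append(parse_rule(rest))
    elif op == "-I":                        # insert at position num (default 1 = top)
        pos = int(rest.pop(0)) if rest and rest[0].isdigit() else 1
        chain["rules"].insert(pos - 1, parse_rule(rest))
    elif op == "-D" and rest[0].isdigit():  # delete by --line-numbers position
        del chain["rules"][int(rest[0]) - 1]
    elif op == "-D":                        # delete the first rule with the same spec
        chain["rules"].remove(parse_rule(rest))
    else:
        raise ValueError("unsupported command: " + op)

def load_ruleset(text):  # iptables-save format: ':CHAIN POLICY' headers, then rules
    chains = {}
    for line in text.splitlines():
        if line.startswith(":"):
            chains[line[1:].split()[0]] = {"policy": line.split()[1], "rules": []}
        elif line.startswith("-"):
            apply_command(chains, shlex.split(line))
    return chains

def _ok(field, have, want):  # does one rule condition hold for the packet field?
    if field == "state":                    # --state takes a comma-separated list
        return have in want.split(",")
    return str(have) == want                # a missing field (e.g. ICMP dport) never matches

def evaluate(chains, name, pkt):  # first matching rule wins, else the chain policy
    for num, rule in enumerate(chains[name]["rules"], 1):
        if all(_ok(f, pkt.get(f), w) for f, w in rule.items() if f != "target"):
            return rule["target"], num
    return chains[name]["policy"], None
```

Run against the page's rules, the model shows why the DROP appended with -A never counts a packet (the catch-all REJECT at position 5 matches first) while the port-80 DROP inserted with -I at position 1 does, and why -P only matters for packets that fall through every rule.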

SELinux tutorial

SELinux PDF e-book

Reposted from: https://my.oschina.net/u/3866688/blog/1845240
